by neoCrimeLabs 95 days ago
They never stopped supporting it, to my knowledge. I first started using their certs for my IMAP and SMTP servers 10ish years ago, at least.

If you use the HTTP-01 challenge method, you require an HTTP server on the host.

If you don't want an HTTP server on your IMAP/SMTP server, you need to use the DNS-01 challenge method.

1 comments

And what if I want to run DNS and HTTP on separate servers from my mail server?
DNS-01 validation has nothing to do with where your DNS is hosted, all it takes is being able to create a DNS record to prove control over the zone.
The same thing everyone else does. Build automation, use configuration management, use cert manager or other similar solutions.
Update: Had less time to post than I realized, hence the terse reply.

Meant to say those solutions are in addition to Let's Encrypt. An X.509 certificate is an X.509 certificate, regardless of whether it's for HTTPS, IMAPS, or SMTPS. If you're distributing your stuff across multiple hosts or containers, then it makes sense to use some sort of automation, configuration management, or certificate management/distribution system.